Dropbox's Layered Approach to Password Security

Dropbox has battened down its security hatches. There's good reason: The

company was one of many this year that have faced nightmarish news that
rumors of a password breach were, in fact, true. It's still unclear how
Dropbox and companies including Yahoo, LinkedIn, MySpace and Twitter
were hacked, or why the stolen data only circulated more widely several
years after the intrusions. But the revelations have unnerved web
services companies and spurred a new urgency around securing passwords.

See Also: Main Cyber Attack Destinations in 2016

Dropbox's intrusion was isolated to around mid-2012, an era that Rajan
Kapoor, the company's senior manager for trust and security, says was a
very immature time for cloud services. Since then, security has "grown
up quite a bit," he says.

"The industry on the whole has learned a lot of lessons since 2012,"
Kapoor says. "Dropbox specifically has matured our security capabilities
tremendously."

The password breach occurred around the same time as another security
incident that became public. An attacker managed to compromise a Dropbox
employee's credentials and stole a project document that contained user
email addresses. Some users began receiving spam in German, English and
Dutch advertising gambling websites. 

Read the full story and security methodology for Dropbox Password
Protection as of October, 2016

http://www.databreachtoday.com/dropboxs-layered-approach-to-password-security-a-9441
Real Time Web Analytics